Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/7tBIF1-d_A5f7JMUiZCMZpXZ5WU.roa
File:                     7tBIF1-d_A5f7JMUiZCMZpXZ5WU.roa (raw, json)
Hash identifier:          lEOZLm0dkrWb9qyQIaVWywM/4MQFtO/IwZPQCyIzqrY=
Subject key identifier:   EE:D0:48:17:5F:9D:FC:0E:5F:EC:93:14:89:90:8C:66:95:D9:E5:65
Certificate issuer:       /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial:       018CC64B43C0C9E23C11CA11D29416062D24
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/7tBIF1-d_A5f7JMUiZCMZpXZ5WU.roa
Signing time:             Mon 01 Jan 2024 18:31:10 +0000
ROA not before:           Mon 01 Jan 2024 18:31:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61427
IP address blocks:        194.88.13.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 08 Jun 2024 17:40:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:43:c0:c9:e2:3c:11:ca:11:d2:94:16:06:2d:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
        Validity
            Not Before: Jan  1 18:31:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eed048175f9dfc0e5fec931489908c6695d9e565
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:99:8b:d8:7d:6f:1a:14:c8:2d:c7:73:c7:8b:
                    0c:b3:69:9e:75:f7:ce:d1:b2:20:9d:ac:de:2a:fa:
                    68:51:e9:f3:f2:e9:8f:45:17:a9:05:87:38:59:3b:
                    53:a0:7c:54:f2:b5:00:17:2e:46:ef:64:29:c3:f0:
                    43:c9:df:1a:c9:91:eb:ce:19:0a:23:b3:83:86:a3:
                    58:9b:22:9d:b1:d5:88:b8:74:b4:0c:86:5f:dc:79:
                    15:09:bd:ca:a6:7e:ff:fb:0f:0c:00:3d:86:12:e9:
                    5b:16:6d:fa:01:b8:aa:9e:97:e8:3f:16:4b:d3:2b:
                    4c:cd:82:45:9e:99:c8:1b:fb:d9:a8:ac:13:cd:fb:
                    5a:0a:a3:01:87:4c:6f:5a:9d:dc:f3:7d:93:b0:d5:
                    b8:88:60:1f:ac:78:cf:ff:61:5f:4c:73:d1:31:40:
                    96:3a:f3:c3:b6:c0:d9:57:be:3a:ed:08:65:f7:7a:
                    62:0e:59:c3:c7:2b:52:6f:4f:fa:df:89:68:a1:69:
                    54:d4:c0:e2:ba:b4:fa:01:1e:b1:38:39:fd:ec:8b:
                    c0:37:18:0a:5f:b6:6a:24:0a:65:bb:32:a3:d1:f0:
                    59:c3:18:75:29:ae:9f:ad:49:1e:ba:f5:80:69:6e:
                    96:44:24:28:12:12:45:c4:0f:a6:e1:9f:26:7e:e7:
                    d1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:D0:48:17:5F:9D:FC:0E:5F:EC:93:14:89:90:8C:66:95:D9:E5:65
            X509v3 Authority Key Identifier:
                keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/7tBIF1-d_A5f7JMUiZCMZpXZ5WU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.88.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:8d:ae:30:26:b9:66:8a:94:6b:4e:d8:d7:0d:6e:f1:3d:37:
         aa:96:77:14:7f:bd:9c:be:bd:09:8c:32:aa:32:f9:55:dd:85:
         30:7f:b2:80:29:6c:de:84:50:3b:a2:05:44:77:e6:9f:ca:01:
         b1:bf:e7:24:fb:be:26:17:d3:13:4a:70:53:0b:a0:f5:4b:ed:
         e7:85:d9:39:0d:cf:d7:6f:2c:62:8f:8d:bf:ee:ae:5c:71:e7:
         45:61:cb:8e:ff:e9:05:f6:2f:03:67:bf:a9:1b:bf:4f:0a:d4:
         1a:f4:7c:db:3f:d7:4b:32:24:17:a5:9b:6b:c0:e7:ef:e9:f3:
         b9:9f:05:75:30:c6:c0:e4:31:03:1d:4a:10:db:3d:56:21:3b:
         a9:62:ca:df:47:91:2a:22:60:fb:36:53:e0:98:6a:30:b8:b3:
         32:5e:79:d8:11:ce:ce:de:a2:00:13:93:d4:f3:4b:7d:2c:f5:
         43:84:3c:a4:0a:88:6e:37:8e:ab:89:eb:68:c9:7d:c6:f1:53:
         de:fd:c8:98:cd:8f:b0:e2:f2:30:eb:74:6e:5b:4b:2b:ea:49:
         19:58:cb:d2:10:a4:44:7d:53:88:f9:32:69:58:36:f3:47:b4:
         42:91:1e:95:75:c8:15:d9:8c:a1:23:dd:3e:5b:9a:ec:4c:81:
         74:e7:49:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS0PAyeI8EcoR0pQWBi0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjQwMTAxMTgzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWQwNDgxNzVmOWRmYzBlNWZlYzkzMTQ4OTkwOGM2Njk1ZDllNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZmL2H1vGhTILcdzx4sMs2medffO
0bIgnazeKvpoUenz8umPRRepBYc4WTtToHxU8rUAFy5G72Qpw/BDyd8ayZHrzhkK
I7ODhqNYmyKdsdWIuHS0DIZf3HkVCb3Kpn7/+w8MAD2GEulbFm36AbiqnpfoPxZL
0ytMzYJFnpnIG/vZqKwTzftaCqMBh0xvWp3c832TsNW4iGAfrHjP/2FfTHPRMUCW
OvPDtsDZV7467Qhl93piDlnDxytSb0/634looWlU1MDiurT6AR6xODn97IvANxgK
X7ZqJApluzKj0fBZwxh1Ka6frUkeuvWAaW6WRCQoEhJFxA+m4Z8mfufRRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7QSBdfnfwOX+yTFImQjGaV2eVlMB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvN3RCSUYxLWRfQTVmN0pNVWlaQ01acFhaNVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlgNMA0G
CSqGSIb3DQEBCwUAA4IBAQApja4wJrlmipRrTtjXDW7xPTeqlncUf72cvr0JjDKq
MvlV3YUwf7KAKWzehFA7ogVEd+afygGxv+ck+74mF9MTSnBTC6D1S+3nhdk5Dc/X
byxij42/7q5ccedFYcuO/+kF9i8DZ7+pG79PCtQa9HzbP9dLMiQXpZtrwOfv6fO5
nwV1MMbA5DEDHUoQ2z1WITupYsrfR5EqImD7NlPgmGowuLMyXnnYEc7O3qIAE5PU
80t9LPVDhDykCohuN46rietoyX3G8VPe/ciYzY+w4vIw63RuW0sr6kkZWMvSEKRE
fVOI+TJpWDbzR7RCkR6VdcgV2YyhI90+W5rsTIF050kk
-----END CERTIFICATE-----
Generated at Sat Jun 8 19:30:58 2024 by rpki-client on console-fra.rpki-client.org